Vulnerability Details CVE-2006-1384
Cross-site scripting (XSS) vulnerability in apwc_win_main.jsp in the web console in IBM Tivoli Business Systems Manager (TBSM) before 3.1.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/19332
- http://securitytracker.com/id?1015822
- http://www-1.ibm.com/support/docview.wss?uid=swg1OA14904
- http://www.osvdb.org/24069
- http://www.securityfocus.com/bid/17210
- http://www.vupen.com/english/advisories/2006/1073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25412
- http://secunia.com/advisories/19332
- http://securitytracker.com/id?1015822
- http://www-1.ibm.com/support/docview.wss?uid=swg1OA14904
- http://www.osvdb.org/24069
- http://www.securityfocus.com/bid/17210
- http://www.vupen.com/english/advisories/2006/1073
- https://exchange.xforce.ibmcloud.com/vulnerabilities/25412
Products affected by CVE-2006-1384
-
cpe:2.3:a:ibm:tivoli_business_systems_manager:3.1